diff --git a/roles/dhcpserver/defaults/main.yml b/roles/dhcpserver/defaults/main.yml
index 83f2c08c2c6b557490ccb3736117ec00470e79e7..4032a4e0fc6ddd93cdaf7327f721c21afb211a44 100644
--- a/roles/dhcpserver/defaults/main.yml
+++ b/roles/dhcpserver/defaults/main.yml
@@ -1,6 +1,6 @@
 ---
 dhcp_server_interface: eth255
 dhcp_config_gen_dir: /var/lib/ffs/config-generator
-dhcp_kea_socket: /run/kea/kea4-ctrl-socket
+dhcp_kea_socket: /var/run/kea/kea4-ctrl-socket
 # which segments to serve pools on. empty means all segments.
 dhcp_segments: []
diff --git a/roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key b/roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key
deleted file mode 100644
index 178b890efa6d98fddce95e82dcbbdcac87f62d32..0000000000000000000000000000000000000000
Binary files a/roles/dhcpserver/files/apt-cloudsmith-kea-2-4.gpg.key and /dev/null differ
diff --git a/roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key b/roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key
new file mode 100644
index 0000000000000000000000000000000000000000..298ab7ac37c9f76c32a8cc5a09120a35ffe17b63
Binary files /dev/null and b/roles/dhcpserver/files/apt-cloudsmith-kea-2-6.gpg.key differ
diff --git a/roles/dhcpserver/files/apt-debian-bookworm-2-4.list b/roles/dhcpserver/files/apt-debian-bookworm-2-4.list
deleted file mode 100644
index 957c1eaa104a2caaef1c71223ec57ac5d3c565e3..0000000000000000000000000000000000000000
--- a/roles/dhcpserver/files/apt-debian-bookworm-2-4.list
+++ /dev/null
@@ -1,9 +0,0 @@
-# Source: ISC - Internet Systems Consortium
-# Site: https://gitlab.isc.org/isc-projects/kea
-# Repository: ISC - Internet Systems Consortium / kea-2-4
-# Description: Kea 2.4 is the current stable version, suitable for production deployment. The software in this repository is licensed under the MPL 2.0 open source license. Professional technical support is available from ISC.org.
-
-
-deb [signed-by=/usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian bookworm main
-
-deb-src [signed-by=/usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-4/deb/debian bookworm main
diff --git a/roles/dhcpserver/files/apt-debian-bookworm-2-6.list b/roles/dhcpserver/files/apt-debian-bookworm-2-6.list
new file mode 100644
index 0000000000000000000000000000000000000000..66463308e1b50e977ec4a1f8dd8cd0245160c7b7
--- /dev/null
+++ b/roles/dhcpserver/files/apt-debian-bookworm-2-6.list
@@ -0,0 +1,9 @@
+# Source: ISC - Internet Systems Consortium
+# Site: https://gitlab.isc.org/isc-projects/kea
+# Repository: ISC - Internet Systems Consortium / kea-2-6
+# Description: Kea 2.6 is the soon-to-be-released stable version, suitable for production deployment. The software in this repository is licensed under the MPL 2.0 open source license. Professional technical support is available from ISC.org.
+
+
+deb [signed-by=/usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-6/deb/debian bookworm main
+
+deb-src [signed-by=/usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg] https://dl.cloudsmith.io/public/isc/kea-2-6/deb/debian bookworm main
diff --git a/roles/dhcpserver/handlers/main.yml b/roles/dhcpserver/handlers/main.yml
index dd37be37cab264bdb77dd8fe245a43b439545d94..3b6309291e00a1773389c629dba60354c9cb7877 100644
--- a/roles/dhcpserver/handlers/main.yml
+++ b/roles/dhcpserver/handlers/main.yml
@@ -1,5 +1,5 @@
 ---
 - name: restart kea4
-  service: name=kea-dhcp4-server state=restarted
+  service: name=isc-kea-dhcp4-server state=restarted
 - name: restart kea-exporter
   service: name=kea-exporter state=restarted
diff --git a/roles/dhcpserver/tasks/main.yml b/roles/dhcpserver/tasks/main.yml
index 46f74b4a7a33f65bd11cb2f983d8b51812c6b578..b338f9019da1b20344fcc7d69b91f457d69065c6 100644
--- a/roles/dhcpserver/tasks/main.yml
+++ b/roles/dhcpserver/tasks/main.yml
@@ -12,10 +12,10 @@
 # On Debian 11, we used to use the kea packages from ISC. Now, kea 2.2
 # is in Debian, but that does not support ignore-dhcp-server-identifier,
 # which we need to relaying to work.
-# So we use kea 2.4 from kea to be as close as possible to the packages that
+# So we use kea 2.6 from kea to be as close as possible to the packages that
 # will likely be in the next Debian release.
 - name: Install kea-dhcp from ISC repos
-  include_tasks: setup-cloudsmith-repo-2-4.yml
+  include_tasks: setup-cloudsmith-repo-2-6.yml
   when: ansible_facts['distribution_major_version'] == "12"
 
 # This is for future when we can finally use the packages from Debian.
diff --git a/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml b/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
similarity index 60%
rename from roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml
rename to roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
index 2467d811688fbbf03d6c1d08e9828496b7b2aaa9..18d6ae01e806f5dfb9121bb1cbcec53174307d82 100644
--- a/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-4.yml
+++ b/roles/dhcpserver/tasks/setup-cloudsmith-repo-2-6.yml
@@ -16,15 +16,25 @@
     path: /etc/apt/sources.list.d/isc-kea-2-3.list
     state: absent
 
+- name: Remove cloudsmith kea 2.4 APT key
+  ansible.builtin.file:
+    path: /usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg
+    state: absent
+
+- name: Remove cloudsmith kea 2.4 repo
+  ansible.builtin.file:
+    path: /etc/apt/sources.list.d/isc-kea-2-3.list
+    state: absent
+
 - name: Install cloudsmith APT key
   ansible.builtin.copy:
-    src: apt-cloudsmith-kea-2-4.gpg.key
-    dest: /usr/share/keyrings/isc-kea-2-4-archive-keyring.gpg
+    src: apt-cloudsmith-kea-2-6.gpg.key
+    dest: /usr/share/keyrings/isc-kea-2-6-archive-keyring.gpg
 
 - name: Install cloudsmith repo
   ansible.builtin.copy:
-    src: apt-debian-bookworm-2-4.list
-    dest: /etc/apt/sources.list.d/isc-kea-2-4.list
+    src: apt-debian-bookworm-2-6.list
+    dest: /etc/apt/sources.list.d/isc-kea-2-6.list
 
 - name: Installing kea-dhcp4
   apt: